This forum is in READ-ONLY mode.
You can look around, but if you want to ask a new question, please use the new forum.
Home » support » symfony 1.3 and 1.4 » Doctrine csrf token required
Doctrine csrf token required [message #102723] Mon, 19 July 2010 10:30 Go to next message
psychol1986  is currently offline psychol1986
Messages: 10
Registered: June 2010
Junior Member
hello @ll. I have generated my forms by doctrine. And I have a problem when i send a form. It doesn't validate. The error message i get is: CSRF token Required. Also the required fields do not validate even if they are fulfilled ok. Can you help me? I'm using symfony 1.4
Re: Doctrine csrf token required [message #102737 is a reply to message #102723 ] Mon, 19 July 2010 13:20 Go to previous messageGo to next message
niroshan  is currently offline niroshan
Messages: 11
Registered: July 2010
Location: Sri Lanka
Junior Member
Hi psychol1986,

I`m a quite a newbie to symfony as well but since i had the same problem before I think i can help you out.

First of all did u set any validators?

next thing is setting the name space. This name space will help you to bind your form with the validators. you should have this setup in the form configure() method.
$this->widgetSchema->setNameFormat('profile[%s]');


It doesn`t have to be profile. it can be any name.

next check your action file. It should bind your form with the validators.

$this->form = new <your form class>();
$params = $request->getParameter('profile');
$this->form->bind($params);


This is how i managed to fix it. Hope this helps you too.

Thanks,
best regards,
Niroshan

Re: Doctrine csrf token required [message #102740 is a reply to message #102723 ] Mon, 19 July 2010 13:59 Go to previous messageGo to next message
psychol1986  is currently offline psychol1986
Messages: 10
Registered: June 2010
Junior Member
Hellol I did what you have told me. But i still have the csrf token required error. Here is my action code:
public function executeTest(){
      $this->form = new JobeetCategoryForm();
      $request = $this->getRequest();

      $params = $request->getParameter('category');
      
      $this->form->bind($params);

  }

my form class

public function configure()
  {
      $this->widgetSchema->setNameFormat('category[%s]');

      
  }


i don't have any idea what is wrong. Mayby i missunderstood you?
Re: Doctrine csrf token required [message #102742 is a reply to message #102740 ] Mon, 19 July 2010 14:37 Go to previous messageGo to next message
niroshan  is currently offline niroshan
Messages: 11
Registered: July 2010
Location: Sri Lanka
Junior Member
H,

NO u didn`t misunderstood me. That`s exactly what i did Sad

Can you check the generated html (view source from the browser) to see whether it generate the category[_csrf_token] hidden field?


one more thing are you using url_for() method to generate the form action??

<form name="form1" method="post" action="<?php echo url_for('/test'); ?>">


if so instead try,

<?php echo form_tag('test') ?>


Thanks,
best regards,
niroshan

Re: Doctrine csrf token required [message #102743 is a reply to message #102723 ] Mon, 19 July 2010 14:59 Go to previous messageGo to next message
psychol1986  is currently offline psychol1986
Messages: 10
Registered: June 2010
Junior Member
In html source I have
<input type="hidden" name="category[_csrf_token]" id="category__csrf_token" />


but there is no values in it. It's wierd.

I'm using this metod to generate the form:


<?php echo form_tag('job/test' , 'post') ?>

Re: Doctrine csrf token required [message #102753 is a reply to message #102743 ] Mon, 19 July 2010 15:46 Go to previous messageGo to next message
niroshan  is currently offline niroshan
Messages: 11
Registered: July 2010
Location: Sri Lanka
Junior Member
hi psychol1986,

I`m sorry I dont understand this as well. sorry mate i`m also a newbie to symfony.

I have done some search on the net and found this thread,
http://www.mail-archive.com/symfony-users@googlegroups.com/m sg06354.html

try to put,

<?php echo $form['_csrf_token'] ?>
<?php echo $form[$form->getCSRFFieldName()]->render() ?>



as it says and see the generated source whether it generate the csrf_token.

best regards,
niroshan
Re: Doctrine csrf token required [message #102757 is a reply to message #102723 ] Mon, 19 July 2010 15:54 Go to previous messageGo to next message
psychol1986  is currently offline psychol1986
Messages: 10
Registered: June 2010
Junior Member
now I have:
<input type="hidden" name="category[_csrf_token]" value="" id="category__csrf_token" /></td>
</tr>
        <input type="hidden" name="category[_csrf_token]" value="" id="category__csrf_token" /><input type="hidden" name="category[_csrf_token]" value="" id="category__csrf_token" />
    </tr>



Re: Doctrine csrf token required [message #102760 is a reply to message #102757 ] Mon, 19 July 2010 16:02 Go to previous messageGo to next message
niroshan  is currently offline niroshan
Messages: 11
Registered: July 2010
Location: Sri Lanka
Junior Member
Hi psychol1986,

Do you have specified 'csrf_secret' in settings.yml page??

all:  
  .settings:
    # Form security secret (CSRF protection)
    csrf_secret: <key>


you can find the settings.yml file at <app>/config folder.

Regards,
Niroshan

[Updated on: Mon, 19 July 2010 16:02]

Re: Doctrine csrf token required [message #102761 is a reply to message #102760 ] Mon, 19 July 2010 16:04 Go to previous messageGo to next message
psychol1986  is currently offline psychol1986
Messages: 10
Registered: June 2010
Junior Member
Yes i have:

all:
  .settings:
    # Form security secret (CSRF protection)
    csrf_secret:            fusdjfnsdlfnsdkj

    # Output escaping settings
    escaping_strategy:      true
    escaping_method:        ESC_SPECIALCHARS

    # Enable the database manager
    use_database:           true

Re: Doctrine csrf token required [message #103414 is a reply to message #102723 ] Mon, 02 August 2010 14:19 Go to previous messageGo to next message
psychol1986  is currently offline psychol1986
Messages: 10
Registered: June 2010
Junior Member
No body else knows how to resolve my problem? please help!
Re: Doctrine csrf token required [message #103425 is a reply to message #102723 ] Mon, 02 August 2010 16:57 Go to previous messageGo to next message
niroshan  is currently offline niroshan
Messages: 11
Registered: July 2010
Location: Sri Lanka
Junior Member
Hi psychol1986,
Can you try one last thing... in your "executeTest" function can you bind the params after you submit the form. I just noticed i have done it like that.

ex:
public function executeTest(){
      $this->form = new JobeetCategoryForm();
      $request = $this->getRequest();
      if ($request->isMethod('post'))
      {
        $params = $request->getParameter('category');      
        $this->form->bind($params);
        
        if($this->form->isValid())
	{
           $this->form->save(); //save the data
        } 

      }
}



let me know what happened ...

Best regards,
Niroshan
Re: Doctrine csrf token required [message #103426 is a reply to message #103425 ] Mon, 02 August 2010 16:59 Go to previous messageGo to next message
xplo  is currently offline xplo
Messages: 428
Registered: September 2008
Faithful Member
isnt the action broken or something ?

executeXXX inn 1.3/4 alawys have the $request object as a parameter

also dont forget symfony cc Smile
Re: Doctrine csrf token required [message #103456 is a reply to message #102723 ] Tue, 03 August 2010 09:15 Go to previous message
psychol1986  is currently offline psychol1986
Messages: 10
Registered: June 2010
Junior Member
niroshan thank you very much it worked:). But I don't understand what does the bind method do?
Previous Topic:how to use two doctrine behaviours in 1.4
Next Topic:Mutual foreign keys might be confusing Propel 1.5?
Goto Forum:
  

powered by FUDforum - copyright ©2001-2004 FUD Forum Bulletin Board Software